Siemens Fixes SCALANCE X Switches

Wednesday, September 12, 2018 @ 09:09 AM gHale

Siemens has a mitigation plan in place to handle an improper input validation in its SCALANCE X Switches, according to a report with NCCIC.

Successful exploitation of this remotely exploitable vulnerability, which Siemens self-reported, could allow an attacker with network access to the device to cause a denial-of-service condition. Public exploits are available. In addition, an attacker with low skill level could leverage the vulnerability.

The following versions of SCALANCE X Switches, which are used to connect industrial components like programmable logic controllers (PLCs) or human machine interfaces (HMIs), are affected:
• SCALANCE X300: All versions prior to 4.0.0
• SCALANCE X408: All versions prior to 4.0.0
• SCALANCE X414: All versions

In the vulnerability, the web interface on Port 443/TCP could allow an attacker to cause a denial-of-service condition by sending specially crafted packets to the web server. The device will automatically reboot, impacting network availability for other devices.

An attacker must have network access to Port 443/TCP to exploit the vulnerability. Neither valid credentials nor interaction by a legitimate user are required to exploit the vulnerability. There is no confidentiality or integrity impact, availability is only temporarily impacted.

This vulnerability could be exploited by publicly available tools.

CVE-2018-13807 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.6.

The product sees use in the chemical, energy, food and agriculture, and water and wastewater systems sectors. The product sees action on a global basis.

As a general security measure, Siemens recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens’ operational guidelines for Industrial Security, and to follow the recommendations in the product manuals.